US20120196570A1 - Terminal Identifiers in a Communications Network - Google Patents

Terminal Identifiers in a Communications Network Download PDF

Info

Publication number
US20120196570A1
US20120196570A1 US13382586 US200913382586A US2012196570A1 US 20120196570 A1 US20120196570 A1 US 20120196570A1 US 13382586 US13382586 US 13382586 US 200913382586 A US200913382586 A US 200913382586A US 2012196570 A1 US2012196570 A1 US 2012196570A1
Authority
US
Grant status
Application
Patent type
Prior art keywords
network
imsi
mobile
terminal
subscription
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
US13382586
Other versions
US9026082B2 (en )
Inventor
Fredrik Lindholm
Magnus Hallenstål
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Telefonaktiebolaget LM Ericsson AB
Original Assignee
Telefonaktiebolaget LM Ericsson AB
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/186Processing of subscriber group data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W12/00Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W8/00Network data management
    • H04W8/26Network addressing or numbering for mobility support
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W8/00Network data management
    • H04W8/26Network addressing or numbering for mobility support
    • H04W8/265Network addressing or numbering for mobility support for initial activation of new user
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/183Processing at user equipment or user record carrier

Abstract

A method and apparatus for allocating an identifier to a terminal in a communications network. A core network controlling node, such as a Mobility Management Entity (MME) receives an International Mobile Subscriber Identity (IMSI) and an International Mobile Equipment Identity (IMEI) from the terminal. Subscription information is determined using both the IMSI and the IMEI. A temporary identifier that can be used to identify the terminal is then allocated to the subscription information.

Description

    TECHNICAL FIELD
  • [0001]
    The invention relates to the field of providing terminal identifiers in a communications network.
  • BACKGROUND
  • [0002]
    Communications devices, such as mobile telephones or personal computers, allow a subscriber to attach to a communication network and communicate with other devices. Furthermore, a growth area is that of machine to machine (M2M) communication, in which communications are sent between different devices without human intervention. Examples of the use of M2M communication include the provision of sensor networks (for example, networks for monitoring weather conditions,), surveillance equipment (for example alarm systems, video monitoring, and so on), vehicle fleet management, vending machines, monitoring manufacturing and so on.
  • [0003]
    It is predicted that in the long term future, there will be billions of M2M devices, and the number of M2M devices will far exceed the number of devices used for communication between humans (such as mobile telephones, personal computers and so on).
  • [0004]
    When a device wishes to attach to an existing 3GPP mobile access network, it must register with the network and be authenticated. Registration and authentication are handled using information contained in a Subscriber Identity Module (SIM) or Universal Subscriber Identity Module (USIM) at the device. Each device is uniquely identified by an International Mobile Subscriber Identity (IMSI) that is stored at the SIM/USIM. The IMSI is a number range managed by ITU-T, where the number is split into three sections as follows:
  • [0005]
    1. Mobile Country Code (MCC) that uniquely identifies the country (three digits).
  • [0006]
    2. Mobile Network Code (MNC) that identifies the home Public Land Mobile Network (PLMN) of the mobile subscriber (two or three digits).
  • [0007]
    3. Mobile Subscriber Identification Number (MSIN) that identifies the mobile subscriber within a PLMN (nine to ten digits).
  • [0008]
    By way of example, if the MCC is 429, the MNC is 01, and the MSIN is 1234567890, then the IMSI is 429011234567890.
  • [0009]
    If the predictions for the growth in communication devices such as M2M devices are accurate, then some countries will face a shortage of IMSI numbers. An obvious solution to a potential shortage of IMSI numbers is to extend the length of the IMSI, for example by making the MSIN twelve digits long. However, this is not a practical solution as it would require changes to terminals, access network procedures and all network nodes.
  • [0010]
    If the prediction of billions of devices holds, some countries will start to have a shortage of IMSI numbers. An obvious solution to this would simply be to extend the IMSI length. However, this would make it difficult in existing systems as it would require changes to existing mobile terminals and all other network nodes, as well as changes to access network procedures.
  • SUMMARY
  • [0011]
    The inventors have recognized the problems with the limited number of IMSI numbers, and the problems inherent in addressing the limited number of IMSI numbers by increasing the length of an IMSI number. It is an object of the invention to support more devices in a network without making changes to existing IMSI numbers.
  • [0012]
    According to a first aspect of the invention, there is provided a method of allocating an identifier to a terminal in a communications network. A core network controlling node, such as a Mobility Management Entity (MME) receives an International Mobile Subscriber Identity (IMSI) and an International Mobile Equipment Identity (IMEI) from the terminal. Subscription information is determined using both the IMSI and the IMEI. A temporary identifier that can be used to identify the terminal is then allocated to the subscription information. By determining subscription information using both the IMSI and the IMEI, instead of just the IMSI, many terminals can be associated with a single IMSI.
  • [0013]
    The identifier is optionally selected from any of a Temporary IMSI, a Packet Temporary IMSI, and Globally Unique Temporary Identity.
  • [0014]
    In an optional embodiment of the invention, a Home Subscriber Server (HSS) receiving the IMSI and IMEI from a core network controlling node. The IMSI identifies a user subscription. A sequence number counter is then associated with the combination of the IMSI and the IMEI. In this way, an IMSI is still unique to a particular user, but each combination of IMSI and IMEI identifies a different terminal, and so it is necessary to associate a sequence number counter with each IMSI/IMEI combination.
  • [0015]
    As an option, the method further comprises sending to the core network control node an authentication challenge as part of a process to generate session keys for the terminal, the authentication challenge comprising at least in part an identifier for the terminal. This ensures that no two terminals will be allocated the same session keys.
  • [0016]
    In an optional embodiment, the HSS receives from a core network control node the IMSI and an IMEI, and identifies a user subscription using the combination of the IMSI and the IMEI. In this way, an IMSI is not necessarily unique to a particular user, and more than one user may have the same IMSI.
  • [0017]
    According to a second aspect of the invention, there is provided a core network controlling node for use in a communications network. The core network controlling node comprises a first receiver for receiving from a terminal device a request to attach to the network. A first transmitter is provided for sending to a HSS a request for information to authenticate the terminal. A second receiver is provided for receiving, from the HSS, information relating to a subscription. A processor is arranged to allocate, on the basis of both an IMSI and an IMEI relating to the terminal, a temporary identifier to the subscription information. The temporary identifier is used to identify the terminal. A second transmitter is provided for sending the temporary identifier to the user terminal.
  • [0018]
    As an option, the core network controlling node is selected from one of a Mobility Management Entity, a Serving GPRS Support Node and a Mobile Switching Centre.
  • [0019]
    According to a third aspect of the invention, there is provided a HSS for use in a communications network. The HSS is provided with a first receiver for receiving from a core network controlling node a request for information to authenticate a terminal. The receiver is also arranged to receive an IMSI and an IMEI relating to the terminal. A processor is also provided to determine subscription information associated with the combination of the IMSI and the IMEI.
  • [0020]
    As an option, the HSS further comprises a transmitter for sending to the core network control node an authentication challenge as part of a process to generate session keys for the terminal. The authentication challenge comprises at least in part an identifier for the terminal.
  • [0021]
    As an option, the processor is arranged to identify a user subscription on the basis of the IMSI, and the subscription information identifies a unique counter relating to the user subscription. In this case, the HSS further comprises a transmitter for sending authentication information relating to the user subscription to the core network controlling node. Alternatively, the subscription information comprises a user subscription, and the HSS further comprising a transmitter for sending authentication information relating to the user subscription to the core network controlling node.
  • [0022]
    According to a fourth aspect of the invention, there is provided a computer program, comprising computer readable code which, when run on a programmable network node, causes the programmable network to perform a method as described above in the first aspect of the invention.
  • [0023]
    According to a fifth aspect of the invention, there is provided a recording medium storing computer readable code as described above in the fourth aspect of the invention.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • [0024]
    Some preferred embodiments of the invention will now be described by way of example only and with reference to the accompanying drawings, in which:
  • [0025]
    FIG. 1 is a signalling diagram showing signalling required when a User Equipment attached to a network according to an embodiment of the invention;
  • [0026]
    FIG. 2 is a signalling diagram showing signalling between a core network controlling node and a Home Subscriber Server according to an embodiment of the invention;
  • [0027]
    FIG. 3 is a signalling diagram showing signalling between a core network controlling node and a Home Subscriber Server according to an alternative embodiment of the invention;
  • [0028]
    FIG. 4 illustrates schematically in a block diagram a relationship between a user, User Equipment and subscriptions relating to each User Equipment according to an embodiment of the invention;
  • [0029]
    FIG. 5 illustrates schematically in a block diagram extended counter handling at a Home Subscriber Server according to an embodiment of the invention;
  • [0030]
    FIG. 6 illustrates schematically in a block diagram a relationship between users, User Equipment and subscriptions relating to each user and User Equipment according to an embodiment of the invention;
  • [0031]
    FIG. 7 illustrates schematically in a block diagram extended credential handling at a Home Subscriber Server according to an embodiment of the invention;
  • [0032]
    FIG. 8 is a flow diagram illustrating the steps of an embodiment of the invention;
  • [0033]
    FIG. 9 illustrates schematically in a block diagram a core network controlling node according to an embodiment of the invention; and
  • [0034]
    FIG. 10 illustrates schematically in a block diagram a Home Subscriber Server according to an embodiment of the invention.
  • DETAILED DESCRIPTION
  • [0035]
    In order to increase the number of devices that can attach to a network, the International Mobile Equipment Identity (IMEI) is used in addition to the IMSI in order to create a unique identifier for each terminal. The IMEI is a number that is unique to each 3GPP mobile device. It is normally used to identify a mobile terminal to determine whether it is on a blacklist of stolen terminals. If so, then the stolen mobile terminal can be prevented from accessing the communication network, regardless of whether the SIM associated with the mobile terminal has been changed. Note that the IMEI is only used to identify the terminal and has no relation to the IMSI, although a combination of the IMEI (by checking it against the blacklist) and the IMSI is commonly used to determine whether a subscriber can connect to a particular communication network using a particular mobile terminal.
  • [0036]
    Referring now to FIG. 1 herein, when a terminal such as a UE 1 attaches to a network 2, it sends an attach message S1. The network 2 responds by sending an identity request S2. In response to the identity request, the UE 1 sends a response S3 that includes at least the IMSI stored at the SIM or USIM of the UE 1. If the response S3 does not also include the IMEI associated with the UE 1, then the network 2 sends a further message S4 to the UE requesting the IMEI. The UE 1 responds by sending a message S5 that includes its IMEI. Once the network 2 knows the IMSI and the IMEI, then authentication procedures S6 as described below can be performed.
  • [0037]
    In order to identify a subscription information relevant to the terminal, the network elements do not use only the IMSI as in the prior art, but a combination of the IMSI and the IMEI. In order to identify subscription information using a combination of the IMSI and the IMEI, changes must be made to most network nodes, such as the Serving GW, Mobility Management Entity (MME), Serving GPRS Support Node (SGSN), Mobile Switching Centre (MSC) and Home Subscriber Server (HSS). The Radio access networks (GERAN, UTRAN, E-UTRAN) will not be affected by the use of a combination of the IMSI and IMEI.
  • [0038]
    A Temporary IMSI (TMSI) and a Packet Temporary IMSI (P-TMSI) are allocated to the user's terminal (determined using the IMSI and IMEI described above) and used to ensure a unique identification of the terminal within a Location Area and Routing Area respectively. Alternatively, a Globally Unique Temporary Identity (GUTI) may be allocated when an Evolved Packet System (EPS) is used. This is particularly important if two terminals having the same IMSI happen to be within the same Location Area and/or Routing Area. This might occur where, for example, a subscriber has a both a personal computer and a mobile terminal connected to the network. The TMSI, P-TMSI, or GUTI are used between the UE 1 and the network 2 in all communications. In the below examples, TMSI and P-TMSI are used as examples, but a GUTI could be used instead.
  • [0039]
    By associating a subscription information identifying the terminal with a combination of the IMSI and IMEI, the number of subscriptions for UEs that can be uniquely identified in a network far exceeds that number of subscriptions for UEs that can be uniquely identified using the IMSI alone. This is because many UEs can have the same IMSI, as different terminals are identified using a combination of both the IMSI and the IMEI.
  • [0040]
    The term “user subscription” is used to refer to a subscription relating to a user, whereas the term “terminal subscription” is used herein to denote a portion of a user subscription that is relevant to a particular UE. Thus, if a user has one UE, then the terminal subscription may be the same as the user subscription. If a user has two registered UEs, then the terminal subscription for the first UE may be subscription information from the user subscription that includes information specific to that terminal.
  • [0041]
    Using a combination of an IMSI and an IMEI to identify subscription information can lead to some issues with authentication. Currently it is not possible to use the same IMSI on several terminals. This is because the authentication credentials are coupled to the IMSI. The authentication credentials include, among other things, a sequence number counter used to mitigate replay attacks. This counter must be synchronized between the UE and a Home Subscriber Server (HSS) at all times. Where multiple UEs have the same IMSI, the counter will lose synchronization between the different
  • [0042]
    UEs as soon as one of them starts to authenticate itself with the network. This needs to be addressed when using the present invention, as the present invention allows multiple UEs to share the same IMSI.
  • [0043]
    There are several ways in which the issue of authentication can be addressed where a subscription is identified using a combination of an IMSI and an IMEI. Two suggested ways to address the problem are:
  • [0044]
    1. Re-using SIM/USIM credential among several UICCs; and
  • [0045]
    2 Unique credentials.
  • [0046]
    The basic principle in both these cases is illustrated in FIG. 2, and is to extend the interface between a core network controlling node such as a Mobility Management Entity (MME) 3 and the HSS 4, so that during authentication of the UE 1, the MME 3 sends S7 the UE's IMEI to the HSS 4 as well as the IMSI. The HSS 4 then returns S8 authentication data specific to the combination of the IMSI and IMEI.
  • [0047]
    FIG. 3 illustrates the case where the HSS requests the IMEI from the MME 3. In this example, the MME 3 sends S9 an authentication data request to the HSS 4. If the HSS doesn't receive the IMEI, it sends a request S10 back to the MME 3 requesting the IMEI. In response, the MME 3 sends S11 the IMEI to the HSS 4, and the HSS 4 responds S12 with an authentication data response.
  • [0048]
    Turning now to the first solution mentioned above, that of re-using SIM/USIM credential among several UICCs (a UICC is a Universal Integrated Circuit Card at which the SIM is located), an assumption is made that the IMSI is connected to a subscription owner. Thus the owner can have multiple devices, each and every one having an individual record in the HSS 4.
  • [0049]
    By way of example, and referring to FIG. 4, if User A 5 has three terminals 6, 7, 8, each terminal may all have the same IMSI provisioned in their SIM, but separate subscription information for each terminal can be identified by the combination of the IMSI and IMEIs. In this way, the credentials that are in general coupled to a specific SIM can be duplicated on several SIMs for use on different terminals. As discussed above, the main problem with sharing an IMSI between several terminals is that the sequence number that is coupled with the IMSI will get out of synchronization when more than one terminal is attached to the network. To counter this, an extended sequence counter handling is introduced at the HSS 4, as illustrated in FIG. 5.
  • [0050]
    A separate counter range 9, 10, 11 is created for each UE identified by the combination of the ISIM/IMEI, rather than creating a counter range for each ISIM. In the example of FIG. 5, the HSS 4 stores a counter range 9 for a first UE, and a second counter range 10 for a second UE, and a third counter range 11 for a third UE, even though both UEs share the same IMSI. The first time a UE 1 authenticates to the network, the HSS 4 receives the IMSI and the IMEI2 associated with the UE 1. The HSS 4 detects that there is no entry corresponding to the IMEI2, and thereby create a new entry 10 with a default sequence number. In this way, the problems of two terminals using the same ISIM are addressed.
  • [0051]
    In a scenario in which a user moves a *SIM (and consequently the ISIM) from one UE to another, the sequence number in the *SIM may be quite different from the one initialized in the HSS 4 when authenticating from the UE 1 the first time. This is handled by existing error handling procedures, where the UE 1 sends a synchronization failure message back to the network, indicating the sequence number that it expected to receive. The HSS 4 then updates its cache.
  • [0052]
    There is an extremely low risk of re-using the same credentials in multiple UEs sharing an ISIM. If the exact same challenge, same sequence number, and so on are sent to two different UEs, there is a risk that the same session keys (Ck/Ik) will be created and used for each UE, making communications to one UE insecure to the owner of the other UE having the same session keys. The risk of two UEs being allocated the same session keys is of the order of 1 in 264, as a fresh challenge is always created from the network. However, one way to remove this remote risk is to create a challenge such that the first e.g., 8 bits identify the UE, and the rest of the challenge is created at random. In this way, the full challenge sent will be unique among all UEs sharing the same ISIM. Note that the number of bits required to ensure that the challenge is unique depends upon the number of UEs that share the same ISIM. The 8-bit example described above means that an ISIM could be shared among up to 256 different UEs.
  • [0053]
    The second solution to the issue of authentication is using unique credentials. As illustrated in FIG. 6, each IMSI/IMEI combination identifies a unique user subscription, allowing a huge number of user subscriptions. In the example of FIG. 7, each of the users 5, 12, 14 has a UE (6, 13 and 15 respectively). Each UE 6, 13, 15 shares the same IMSI. However, as each user subscription is now identified by a combination of the IMSI and the IMEI, then each user's subscription can be identified separately despite the UEs sharing an IMSI.
  • [0054]
    The approach of using unique credentials implies that for each IMSI, there is also one or more configured IMEI that points to credentials to be used to authenticate the UE, as illustrated in FIG. 7, in which the three subscriptions 16, 17, 18 have unique IMEIs but share the same IMSI.
  • [0055]
    When the MME 3 performs an authentication data request using the IMSI and IMEI, the HSS 4 first finds the IMSI entry in the database, and then further locates the IMEI and the authentication data related to that IMEI. In this way, the UE can be authenticated (or not) in the network.
  • [0056]
    At some point, the credentials must be coupled to both the IMSI and the IMEI. Some examples of how and when to do this are as follows:
      • The UE is delivered and provisioned with the *SIM when being sold, and so the provisioning of the relevant data can be done before delivering the equipment in the same way as *SIMs are currently provisioned.
      • The user buys a device and a separate *SIM. The user is required to use a self provisioning system, for example by logging on to an activation page, in which the user enters the *SIM identity and the IMEI in order to couple the two in the operator's network and to activate the SIM.
      • The Downloadable USIM solution can be extended to include the IMEI as a reference to automatically provision a *SIM on the UE.
  • [0060]
    Re-using SIM/USIM credentials among several UICCs and using unique credentials can both be used within the same network, allowing flexibility for the network operator for different subscription types. The invention may be used for any type of UE, but it is seen as most appropriate for M2M networks in which UEs may not require a great deal of functionality and the ISIM is owned by a single entity. For example, a gas meter operator using an M2M network may have 256 UEs acting as meter flow monitors. Each UE has the same ISIM but a different IMEI, and so as they have different subscriptions.
  • [0061]
    Referring now to FIG. 8, a flow diagram is shown illustrating steps of an embodiment of the invention. The following numbering corresponds to the numbering of FIG. 8:
  • [0062]
    S13. A core network controlling node such as an MME in the network 4 receives an IMSI that is associated with a SIM at the UE 1, and an IMEI associated with the UE 1 itself, as illustrated in FIG. 1.
  • [0063]
    S14. A request for authentication is sent to the HSS 4.
  • [0064]
    S15. The HSS uses the IMSI and the IMEI to determine subscription information for the UE 1 and returns the authentication information to the MME 3.
  • [0065]
    S16. The HSS also starts a sequence number counter associated with the IMSI/IMEI combination. If a counter does not exist, a new counter is created with a default value. If a counter exists, the existing counter is used.
  • [0066]
    S17. A TMSI and a P-TMSI are allocated to the terminal subscription for the duration of the communication session.
  • [0067]
    S18. The TMSI and P-TMSI are used for all communications between the network 2 and the UE 1.
  • [0068]
    Referring to FIG. 9, there is illustrated a core network controlling node 3 such as a MME. The MME 3 is provided with a receiver 19 for receiving from a UE 1 a request to register with the network. A transmitter 20 is used to send a request to the HSS 4 to authenticate the UE 1, and a second receiver 21 receives information relating to subscription information from the HSS 4. A processor 22 allocates a TMSI and a P-TMSI (or a GUTI) on the basis of the IMSI and the IMEI received from the UE 1, and a second transmitter 23 sends TMSI and the P-TMSI to the UE 1. The MME 3 may also include software 24 to allow it to perform the functions described above.
  • [0069]
    Turning now to FIG. 10, there is illustrated a HSS 4. A receiver 25 is arranged to receive a request for authentication information from the MME 3. The receiver 25 is also arranged to receive the IMSI and the IMEI relating to the UE 1 from the MME 3. A processor 26 associates a sequence number counter 27 with IMSI/IMEI combination. The database 28 contains user subscription information, which is associated with an IMSI or a combination of the IMSI/IMEI as described above. A transmitter 29 is arranged to send authentication information for the user subscription to the MME 3. The HSS 4 may also include software 30 to allow it to perform the functions described above.
  • [0070]
    The invention allows a network to re-use IMSIs for more terminals without affecting the UEs and the interface between the UE and the network. This ensures that legacy UEs and certain network elements need not be modified, and a great many more UEs can be provisioned in a network.
  • [0071]
    It will be appreciated that variations from the above described embodiments may still fall within the scope of the invention. For example, whilst the MME has been used as an example of a core network controlling node, other examples include a Serving GPRS Support Node (SGSN) and a Mobile Switching Centre (MSC).
  • [0072]
    The following abbreviations have been used in this specification:
    • EPS Evolved Packet System
    • GUTI Globally Unique Temporary Identity
    • HSS Home Subscriber Server
    • IMEI International Mobile Equipment Identity
    • IMSI International Mobile Subscriber Identity
    • MCC Mobile Country Code
    • MME Mobility Management Entity
    • MNC Mobile Network Code
    • MSC Mobile Switching Centre
    • MSIN Mobile Subscriber Identification Number
    • PLMN Public Land Mobile Network
    • SGSN Serving GPRS Support Node
    • SIM Subscriber Identity Module
    • UE User Equipment
    • UICC Universal Integrated Circuit Card
    • USIM Universal Subscriber Identity Module

Claims (13)

  1. 1-13. (canceled)
  2. 14. A method of allocating an identifier to a terminal in a communications network, the method comprising:
    receiving from the terminal an International Mobile Subscriber Identity and an International Mobile Equipment Identity relating to the terminal;
    determining subscription information using both the International Mobile Subscriber Identity and the International Mobile Equipment Identity;
    allocating a temporary identifier to the subscription information, the temporary identifier being used to identify the terminal.
  3. 15. The method according to claim 14 wherein the temporary identifier comprises one of a Temporary International Mobile Subscriber Identity, a Packet Temporary International Mobile Subscriber Identity, and a Globally Unique Temporary Identity.
  4. 16. The method according to claim 14 further comprising:
    at a Home Subscriber Server, receiving from a core network control node the International Mobile Subscriber Identity and the International Mobile Equipment Identity, the International Mobile Subscriber Identity identifying a user subscription;
    associating a sequence number counter with the combination of the International Mobile Subscriber Identity and the International Mobile Equipment Identity.
  5. 17. The method according to claim 16 further comprising sending to the core network control node an authentication challenge as part of a process to generate session keys for the terminal, the authentication challenge comprising at least in part an identifier for the terminal.
  6. 18. The method according to claim 14 further comprising:
    at a Home Subscriber Server, receiving from a core network control node the International Mobile Subscriber Identity and the International Mobile Equipment Identity;
    identifying a user subscription using the combination of the International Mobile Subscriber Identity and the International Mobile Equipment Identity.
  7. 19. A core network controlling node for use in a communications network, the core network controlling node comprising:
    a first receiver for receiving from a terminal device a request to attach to the network;
    a first transmitter for sending to a Home Subscriber Server a request for information to authenticate the terminal;
    a second receiver for receiving, from the Home Subscriber Server, information relating to a subscription;
    a processor configured to allocate, on the basis of both an International Mobile Subscriber Identity and an International Mobile Equipment Identity relating to the terminal, a temporary identifier to the subscription information, the temporary identifier being used to identify the terminal;
    a second transmitter for sending the temporary identifier to the user terminal.
  8. 20. The core network controlling node according to claim 19 wherein the core network controlling node comprises one of a Mobility Management Entity, a Serving GPRS Support Node, and a Mobile Switching Centre.
  9. 21. A Home Subscriber Server for use in a communications network, the Home Subscriber Server comprising:
    a first receiver configured to receive from a core network controlling node a request for information to authenticate a terminal, the receiver also configured to receive an International Mobile Subscriber Identity and an International Mobile Equipment Identity relating to the terminal;
    a processor configured to determine subscription information associated with the combination of the International Mobile Subscriber Identity and the International Mobile Equipment Identity.
  10. 22. The Home Subscriber Server according to claim 21 further comprising a transmitter for sending to the core network control node an authentication challenge as part of a process to generate session keys for the terminal, the authentication challenge comprising at least in part an identifier for the terminal.
  11. 23. The Home Subscriber Server according to claim 21:
    wherein the processor is further configured to identify a user subscription on the basis of the International Mobile Subscriber Identity, where the subscription information identifies a unique counter relating to the user subscription;
    wherein the Home Subscriber Server further comprises a transmitter for sending authentication information relating to the user subscription to the core network controlling node.
  12. 24. The Home Subscriber Server according to claim 21:
    wherein the subscription information comprises a user subscription;
    wherein the Home Subscriber Server further comprises a transmitter for sending authentication information relating to the user subscription to the core network controlling node.
  13. 25. A computer program stored in a non-transient computer readable medium, the computer program comprising computer readable code which, when run on a programmable network node, causes the programmable network node to:
    receive from the terminal an International Mobile Subscriber Identity and an International Mobile Equipment Identity relating to the terminal;
    determine subscription information using both the International Mobile Subscriber Identity and the International Mobile Equipment Identity;
    allocate a temporary identifier to the subscription information, the temporary identifier being used to identify the terminal.
US13382586 2009-07-24 2009-07-24 Terminal identifiers in a communications network Active 2029-09-10 US9026082B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2009/059617 WO2011009496A1 (en) 2009-07-24 2009-07-24 Terminal identifiers in a communications network

Publications (2)

Publication Number Publication Date
US20120196570A1 true true US20120196570A1 (en) 2012-08-02
US9026082B2 US9026082B2 (en) 2015-05-05

Family

ID=42125002

Family Applications (2)

Application Number Title Priority Date Filing Date
US13382586 Active 2029-09-10 US9026082B2 (en) 2009-07-24 2009-07-24 Terminal identifiers in a communications network
US14641475 Abandoned US20150181412A1 (en) 2009-07-24 2015-03-09 Terminal Identifiers in a Communications Network

Family Applications After (1)

Application Number Title Priority Date Filing Date
US14641475 Abandoned US20150181412A1 (en) 2009-07-24 2015-03-09 Terminal Identifiers in a Communications Network

Country Status (5)

Country Link
US (2) US9026082B2 (en)
EP (1) EP2457394B1 (en)
JP (1) JP5395955B2 (en)
CN (1) CN102714791B (en)
WO (1) WO2011009496A1 (en)

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110053619A1 (en) * 2009-08-27 2011-03-03 Interdigital Patent Holdings, Inc. Method and apparatus for solving limited addressing space in machine-to-machine (m2m) environments
US20120004003A1 (en) * 2009-12-22 2012-01-05 Shaheen Kamel M Group-based machine to machine communication
US20120129492A1 (en) * 2010-11-18 2012-05-24 Eagle River Holdings Llc System and method for transaction authentication using a mobile communication device
US20120264451A1 (en) * 2010-01-08 2012-10-18 Lg Electronics Inc. Method for monitoring machine type communication device in mobile communication system
US20130023207A1 (en) * 2011-07-19 2013-01-24 Chen Kuo-Yi Wireless Communication User System
US20140146673A1 (en) * 2012-11-26 2014-05-29 Verizon Patent And Licensing Inc. Selection of virtual network elements
US20140302812A1 (en) * 2011-12-22 2014-10-09 Huawei Technologies Co., Ltd. Access method, mobility management device, and user equipment
US8914853B2 (en) * 2012-12-07 2014-12-16 Verizon Patent And Licensing Inc. Blocking network access for unauthorized mobile devices
US20150189459A1 (en) * 2014-01-02 2015-07-02 Cellco Partnership D/B/A Verizon Wireless Subscriber Identification Module ("SIM") Based Machine-to-Machine ("M2M") Client Systems, Methods, and Apparatuses
EP2890166A4 (en) * 2012-08-27 2015-09-23 Huawei Device Co Ltd Method, user equipment and remote management platform for switching operator network
US9603189B2 (en) 2013-03-08 2017-03-21 Nokia Technologies Oy Method and apparatus for multisim devices with embedded SIM functionality
US9686675B2 (en) * 2015-03-30 2017-06-20 Netscout Systems Texas, Llc Systems, methods and devices for deriving subscriber and device identifiers in a communication network
US9794905B1 (en) * 2016-09-14 2017-10-17 At&T Mobility Ii Llc Method and apparatus for assigning mobile subscriber identification information to multiple devices according to location
US9814010B1 (en) * 2016-09-14 2017-11-07 At&T Intellectual Property I, L.P. Method and apparatus for utilizing mobile subscriber identification information with multiple devices based on registration requests
US9838991B1 (en) 2016-08-15 2017-12-05 At&T Intellectual Property I, L.P. Method and apparatus for managing mobile subscriber identification information according to registration requests
US9843922B1 (en) * 2016-09-14 2017-12-12 At&T Intellectual Property I, L.P. Method and apparatus for utilizing mobile subscriber identification information with multiple devices based on registration errors
US9906943B1 (en) 2016-09-29 2018-02-27 At&T Intellectual Property I, L.P. Method and apparatus for provisioning mobile subscriber identification information to multiple devices and provisioning network elements
US9918220B1 (en) 2016-10-17 2018-03-13 At&T Intellectual Property I, L.P. Method and apparatus for managing and reusing mobile subscriber identification information to multiple devices
US20180077563A1 (en) * 2016-09-14 2018-03-15 At&T Intellectual Property I, L.P. Method and apparatus for reassigning mobile subscriber identification information
US9967732B2 (en) 2016-08-15 2018-05-08 At&T Intellectual Property I, L.P. Method and apparatus for managing mobile subscriber identification information according to registration errors

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011009496A1 (en) * 2009-07-24 2011-01-27 Telefonaktiebolaget Lm Ericsson (Publ) Terminal identifiers in a communications network
EP2472925A1 (en) * 2011-01-03 2012-07-04 Gemalto SA Method for transmitting data in a cellular telecommunications network
EP2676398B1 (en) * 2011-02-14 2014-09-10 Telefonaktiebolaget L M Ericsson (Publ) Wireless device, registration server and method for provisioning of wireless devices
EP2684303A4 (en) * 2011-03-09 2014-12-31 Intel Corp Base station and communication method for machine to machine communications
US9537663B2 (en) * 2012-06-20 2017-01-03 Alcatel Lucent Manipulation and restoration of authentication challenge parameters in network authentication procedures
CN103533531B (en) * 2012-07-06 2016-12-28 电信科学技术研究院 Proximity sensing functionality for configuration, network and the terminal equipment and systems
CN102781006B (en) * 2012-07-06 2016-02-03 大唐移动通信设备有限公司 A method of verifying control method and apparatus of the international mobile equipment identification
CN103686651B (en) * 2012-09-12 2018-05-11 中兴通讯股份有限公司 An authentication method for an emergency call, devices and systems based on
CN102905266B (en) * 2012-10-11 2015-05-20 大唐移动通信设备有限公司 Mobile equipment (ME) attaching method and device
CN104661211A (en) * 2013-11-18 2015-05-27 成都鼎桥通信技术有限公司 A method for automatically writing soft SIM information in mobile terminal and method for opening an account for terminal
EP3085047A1 (en) * 2013-12-20 2016-10-26 Vodafone GmbH Method of improving security in a communication network and authentication entity

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070032232A1 (en) * 2005-08-05 2007-02-08 Bleckert Peter N O Method and database for performing a permission status check on a mobile equipment
US20070178885A1 (en) * 2005-11-28 2007-08-02 Starhome Gmbh Two-phase SIM authentication
US20070275718A1 (en) * 2006-05-22 2007-11-29 Hewlett-Packard Development Company, L.P. Detection of cloned identifiers in communication systems
US20080096555A1 (en) * 2004-09-25 2008-04-24 Koninklijke Philips Electronics, N.V. Registration of a Mobiel Station in a Communication Network
US20110086612A1 (en) * 2009-10-09 2011-04-14 Mark Montz Network access control

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE4119573A1 (en) * 1991-06-14 1992-12-17 Standard Elektrik Lorenz Ag Method for determining a tempo raeren number (TMSI) for in a subscriber database a subscriber
JPH08140136A (en) 1994-11-07 1996-05-31 Oki Electric Ind Co Ltd Communication system
US7206301B2 (en) * 2003-12-03 2007-04-17 Institute For Information Industry System and method for data communication handoff across heterogenous wireless networks
US20080268842A1 (en) 2007-04-30 2008-10-30 Christian Herrero-Veron System and method for utilizing a temporary user identity in a telecommunications system
WO2011009496A1 (en) * 2009-07-24 2011-01-27 Telefonaktiebolaget Lm Ericsson (Publ) Terminal identifiers in a communications network

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080096555A1 (en) * 2004-09-25 2008-04-24 Koninklijke Philips Electronics, N.V. Registration of a Mobiel Station in a Communication Network
US20070032232A1 (en) * 2005-08-05 2007-02-08 Bleckert Peter N O Method and database for performing a permission status check on a mobile equipment
US20070178885A1 (en) * 2005-11-28 2007-08-02 Starhome Gmbh Two-phase SIM authentication
US20070275718A1 (en) * 2006-05-22 2007-11-29 Hewlett-Packard Development Company, L.P. Detection of cloned identifiers in communication systems
US20110086612A1 (en) * 2009-10-09 2011-04-14 Mark Montz Network access control

Cited By (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8718688B2 (en) * 2009-08-27 2014-05-06 Interdigital Patent Holdings, Inc. Method and apparatus for solving limited addressing space in machine-to-machine (M2M) environments
US20110053619A1 (en) * 2009-08-27 2011-03-03 Interdigital Patent Holdings, Inc. Method and apparatus for solving limited addressing space in machine-to-machine (m2m) environments
US20120004003A1 (en) * 2009-12-22 2012-01-05 Shaheen Kamel M Group-based machine to machine communication
US8891423B2 (en) * 2009-12-22 2014-11-18 Interdigital Patent Holdings, Inc. Group-based machine to machine communication
US20120264451A1 (en) * 2010-01-08 2012-10-18 Lg Electronics Inc. Method for monitoring machine type communication device in mobile communication system
US9300480B2 (en) * 2010-01-08 2016-03-29 Lg Electronics Inc. Method for monitoring machine type communication device in mobile communication system
US8577336B2 (en) * 2010-11-18 2013-11-05 Mobilesphere Holdings LLC System and method for transaction authentication using a mobile communication device
US20120129492A1 (en) * 2010-11-18 2012-05-24 Eagle River Holdings Llc System and method for transaction authentication using a mobile communication device
US20130023207A1 (en) * 2011-07-19 2013-01-24 Chen Kuo-Yi Wireless Communication User System
US20140302812A1 (en) * 2011-12-22 2014-10-09 Huawei Technologies Co., Ltd. Access method, mobility management device, and user equipment
EP2890166A4 (en) * 2012-08-27 2015-09-23 Huawei Device Co Ltd Method, user equipment and remote management platform for switching operator network
US20140146673A1 (en) * 2012-11-26 2014-05-29 Verizon Patent And Licensing Inc. Selection of virtual network elements
US9270596B2 (en) * 2012-11-26 2016-02-23 Verizon Patent And Licensing Inc. Selection of virtual network elements
US8914853B2 (en) * 2012-12-07 2014-12-16 Verizon Patent And Licensing Inc. Blocking network access for unauthorized mobile devices
US9603189B2 (en) 2013-03-08 2017-03-21 Nokia Technologies Oy Method and apparatus for multisim devices with embedded SIM functionality
US20150189459A1 (en) * 2014-01-02 2015-07-02 Cellco Partnership D/B/A Verizon Wireless Subscriber Identification Module ("SIM") Based Machine-to-Machine ("M2M") Client Systems, Methods, and Apparatuses
US9596557B2 (en) * 2014-01-02 2017-03-14 Cellco Partnership Subscriber identification module (“SIM”) based machine-to-machine (“M2M”) client systems, methods, and apparatuses
US9686675B2 (en) * 2015-03-30 2017-06-20 Netscout Systems Texas, Llc Systems, methods and devices for deriving subscriber and device identifiers in a communication network
US9838991B1 (en) 2016-08-15 2017-12-05 At&T Intellectual Property I, L.P. Method and apparatus for managing mobile subscriber identification information according to registration requests
US9967732B2 (en) 2016-08-15 2018-05-08 At&T Intellectual Property I, L.P. Method and apparatus for managing mobile subscriber identification information according to registration errors
US9794905B1 (en) * 2016-09-14 2017-10-17 At&T Mobility Ii Llc Method and apparatus for assigning mobile subscriber identification information to multiple devices according to location
US9814010B1 (en) * 2016-09-14 2017-11-07 At&T Intellectual Property I, L.P. Method and apparatus for utilizing mobile subscriber identification information with multiple devices based on registration requests
US9843922B1 (en) * 2016-09-14 2017-12-12 At&T Intellectual Property I, L.P. Method and apparatus for utilizing mobile subscriber identification information with multiple devices based on registration errors
US20180077667A1 (en) * 2016-09-14 2018-03-15 At&T Intellectual Property I, L.P. Method and apparatus for utilizing mobile subscriber identification information with multiple devices based on registration requests
US20180077561A1 (en) * 2016-09-14 2018-03-15 At&T Intellectual Property I, L.P. Method and apparatus for utilizing mobile subscriber identification information with multiple devices based on registration errors
US20180077563A1 (en) * 2016-09-14 2018-03-15 At&T Intellectual Property I, L.P. Method and apparatus for reassigning mobile subscriber identification information
US9924347B1 (en) * 2016-09-14 2018-03-20 At&T Intellectual Property I, L.P. Method and apparatus for reassigning mobile subscriber identification information
US9906943B1 (en) 2016-09-29 2018-02-27 At&T Intellectual Property I, L.P. Method and apparatus for provisioning mobile subscriber identification information to multiple devices and provisioning network elements
US9918220B1 (en) 2016-10-17 2018-03-13 At&T Intellectual Property I, L.P. Method and apparatus for managing and reusing mobile subscriber identification information to multiple devices

Also Published As

Publication number Publication date Type
WO2011009496A1 (en) 2011-01-27 application
EP2457394B1 (en) 2013-07-03 grant
CN102714791A (en) 2012-10-03 application
CN102714791B (en) 2015-06-17 grant
US20150181412A1 (en) 2015-06-25 application
US9026082B2 (en) 2015-05-05 grant
JP5395955B2 (en) 2014-01-22 grant
EP2457394A1 (en) 2012-05-30 application
JP2013500613A (en) 2013-01-07 application

Similar Documents

Publication Publication Date Title
US20090111428A1 (en) System and Method for Authenticating a Context Transfer
US20040162998A1 (en) Service authentication in a communication system
US20060205434A1 (en) Method and system for providing a temporary subscriber identity to a roaming mobile communications device
US20110028126A1 (en) System for managing unregistered terminals with shared authentication information and method thereof
US20090217038A1 (en) Methods and Apparatus for Locating a Device Registration Server in a Wireless Network
US20090217348A1 (en) Methods and Apparatus for Wireless Device Registration
US20090305668A1 (en) Method and system for protection against the unauthorized use of a terminal
US20140004827A1 (en) System and method for remote provisioning of embedded universal integrated circuit cards
US20080310425A1 (en) System and method for automatic detection and reporting of the mapping between device identity and network address in wireless networks
US20110191835A1 (en) Method and apparatus for identity reuse for communications devices
EP2096884A1 (en) Telecommunications network and method for time-based network access
US20130035067A1 (en) Method and apparatus for authenticating communication device
US20050210127A1 (en) Infection-based monitoring of a party in a communication network
US20120058743A1 (en) Method for legitimately unlocking a sim card lock, unlocking server, and unlocking system for a sim card lock
US20020168960A1 (en) One-way roaming from ANS-41 to GSM systems
US7082297B2 (en) Performing authentication
US20080002829A1 (en) Identifiers in a communication system
US20160127132A1 (en) Method and apparatus for installing profile
US20060116122A1 (en) Mobile terminal identity protection through home location register modification
US7505786B2 (en) Method and mobile telecommunication network for detection of device information
US20120196570A1 (en) Terminal Identifiers in a Communications Network
US20130286950A1 (en) Method and Mobile Terminal for Dealing with PS Domain Service and Realizing PS Domain Service Request
US20120222091A1 (en) Methods and apparatus for use in a generic bootstrapping architecture
US20130315155A1 (en) Method and Apparatus for Associating Service Provider Network Identifiers with Access Network Identifiers
US20130225130A1 (en) Method for operating a network and a network

Legal Events

Date Code Title Description
AS Assignment

Owner name: TELEFONAKTIEBOLAGET L M ERICSSON (PUBL), SWEDEN

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:HALLENSTAL, MAGNUS;LINDHOLM, FREDRIK;SIGNING DATES FROM 20090824 TO 20090901;REEL/FRAME:027604/0607

CC Certificate of correction